f8c1c83d67e1ec812f317b87fb84ef44f3de43190abcac03d97629ad22d6dbdb

Sharing

Copy URL

Twitter E-mail

General

Target

f8c1c83d67e1ec812f317b87fb84ef44f3de43190abcac03d97629ad22d6dbdb
Size

795KB
MD5

8696bfb73b10c2cf479952979338fb4d
SHA1

ddf2a7e2f50d7f55d17af17709ca96a510838328
SHA256

f8c1c83d67e1ec812f317b87fb84ef44f3de43190abcac03d97629ad22d6dbdb
SHA512

8cccc34b2eb0d9bb54513fb0cc3a8ebbb14660de9e09876244341269308be06c64bae824a50b5405a4e7f621499f2a1ab6fa3ba04433e2022f797aebc1bbca67
SSDEEP

12288:Tp5ReMuin/VJDdwy2+OJyAGkAD/tEdVVoj78+U94:TbktinexJyAGkcvjU94

Score

1^/10

Malware Config

Signatures

Files

f8c1c83d67e1ec812f317b87fb84ef44f3de43190abcac03d97629ad22d6dbdb
.exe windows:6 windows x86 arch:x86

887ba0016b3be391b14c4d201e15278b

Code Sign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

19/09/2018, 00:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

28/07/2020, 00:00

Not After

18/03/2029, 00:00

Subject

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28/07/2020, 00:00

Not After

28/07/2030, 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

5f:da:67:ef:71:64:15:cd:f1:36:98:fb
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

27/07/2023, 14:53

Not After

27/07/2026, 14:53

Subject

SERIALNUMBER=000237148,CN=VENTOBYTE SL,O=VENTOBYTE SL,STREET=C/ Los Prados 166,L=Gijón,ST=Asturias,C=ES,1.2.840.113549.1.9.1=#0c12696e666f4076656e746f627974652e636f6d,1.3.6.1.4.1.311.60.2.1.3=#13024553,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

69:8e:99:c8:9e:b1:c0:cc:1d:b9:ef:12:2a:40:bd:db:f6:fc:51:9a:7c:72:19:30:1a:f6:d7:b3:34:a3:d8:df
Signer

Actual PE Digest

69:8e:99:c8:9e:b1:c0:cc:1d:b9:ef:12:2a:40:bd:db:f6:fc:51:9a:7c:72:19:30:1a:f6:d7:b3:34:a3:d8:df

Digest Algorithm

sha256

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Dev\Projects\Proxifier\Program\Repo\ProxifierWin4\ProxyChecker\Release\ProxyChecker.pdb

Imports

kernel32

GetTickCount
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
LockResource
WriteConsoleW
GetStringTypeW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
IsValidCodePage
FindFirstFileExW
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
LCMapStringW
GetTimeFormatW
GetDateFormatW
ExitProcess
GetStdHandle
VirtualAlloc
GetSystemInfo
GetFileType
SetStdHandle
HeapQueryInformation
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
GetCommandLineW
GetCommandLineA
RtlUnwind
LoadLibraryExA
ExpandEnvironmentStringsA
OutputDebugStringW
LoadResource
FindResourceW
SetLastError
GetComputerNameA
GetVersionExW
LoadLibraryA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WideCharToMultiByte
GlobalAlloc
GlobalFree
LoadLibraryW
GetModuleFileNameW
MapViewOfFile
VirtualQuery
GetCurrentThreadId
SetErrorMode
GetLastError
HeapFree
InitializeCriticalSectionEx
HeapSize
HeapReAlloc
RaiseException
HeapAlloc
DecodePointer
DeleteCriticalSection
GetProcessHeap
ResumeThread
GetACP
OutputDebugStringA
InitializeCriticalSectionAndSpinCount
GetModuleHandleA
GetModuleHandleW
FreeResource
GlobalLock
GlobalUnlock
MulDiv
EncodePointer
GetSystemDirectoryW
LoadLibraryExW
GlobalDeleteAtom
lstrcmpW
GlobalAddAtomW
GlobalFindAtomW
CompareStringW
LocalFree
FormatMessageW
GetCurrentThread
lstrcmpA
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetCurrentProcessId
CloseHandle
SetEvent
WaitForSingleObject
CreateEventW
SetThreadPriority
SuspendThread
EnterCriticalSection
LeaveCriticalSection
LocalAlloc
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GlobalFlags
InitializeCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalReAlloc
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
VirtualProtect
GetThreadLocale
DeleteFileW
CreateFileW
FindClose
FindFirstFileW
FlushFileBuffers
GetFileSize
GetFullPathNameW
GetVolumeInformationW
LockFile
ReadFile
SetEndOfFile
SetFilePointer
UnlockFile
WriteFile
DuplicateHandle
GetCurrentProcess
FileTimeToLocalFileTime
GetFileAttributesW
GetFileAttributesExW
GetFileSizeEx
GetFileTime
FindNextFileW
SizeofResource

user32

MoveWindow
ShowWindow
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetMonitorInfoW
MonitorFromWindow
WinHelpW
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetWindow
GetLastActivePopup
GetTopWindow
GetClassNameW
GetClassLongW
SetWindowLongW
EqualRect
CopyRect
MapWindowPoints
MessageBoxW
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
GetScrollPos
ValidateRect
SetForegroundWindow
UpdateWindow
TrackPopupMenu
GetMenuItemCount
GetMenuItemID
SetMenu
GetMenu
GetCapture
GetKeyState
GetFocus
SetFocus
GetDlgCtrlID
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
GetCursorPos
SetWindowPos
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
EnableWindow
LoadIconW
GetSystemMenu
AppendMenuW
SendMessageW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
PostMessageW
GetMessageTime
GetMessagePos
PeekMessageW
DispatchMessageW
RegisterWindowMessageW
GetSysColor
ScreenToClient
ClientToScreen
EndPaint
CheckRadioButton
IsDlgButtonChecked
BeginPaint
ReleaseDC
SetWindowTextW
IsDialogMessageW
PostQuitMessage
SetWindowContextHelpId
MapDialogRect
GetWindowThreadProcessId
GetMessageW
GetForegroundWindow
GetClientRect
GetDC
SetTimer
IsIconic
GetSystemMetrics
DrawIcon
GetWindowRect
PtInRect
LoadMenuW
GetSubMenu
RedrawWindow
GetSysColorBrush
SetCursor
LoadCursorW
UnregisterClassW
SendDlgItemMessageA
SetRectEmpty
OffsetRect
GetParent
IsWindow
DestroyWindow
CreateDialogIndirectParamW
EndDialog
GetDlgItem
GetNextDlgTabItem
GetActiveWindow
IsWindowEnabled
SetActiveWindow
GetWindowLongW
GetDesktopWindow
DrawTextW
DrawTextExW
GrayStringW
TabbedTextOutW
GetWindowDC
DestroyMenu
TranslateMessage
RealChildWindowFromPoint
IntersectRect
SetCapture
ReleaseCapture
PostThreadMessageW
RegisterClipboardFormatW
CharUpperW
MessageBeep
GetNextDlgGroupItem
IsRectEmpty
SetRect
InvalidateRgn
CopyAcceleratorTableW
CharNextW
InvalidateRect
KillTimer

gdi32

GetRgnBox
GetTextColor
GetBkColor
GetMapMode
CreateRectRgnIndirect
ScaleWindowExtEx
ScaleViewportExtEx
OffsetViewportOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
ExtTextOutW
TextOutW
GetObjectW
SetTextColor
SetMapMode
SetBkMode
SetBkColor
SelectObject
ExtSelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
GetClipBox
Escape
DeleteObject
DeleteDC
CreateBitmap
CreateFontW
GetDeviceCaps
GetStockObject

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

advapi32

RegOpenKeyExA
RegQueryValueExA
RegOpenKeyExW
RegQueryValueExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey

shell32

ShellExecuteW

comctl32

InitCommonControlsEx

shlwapi

UrlUnescapeW
PathIsUNCW
PathStripToRootW
PathFindExtensionW
PathFindFileNameW

ole32

CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoInitialize
CLSIDFromProgID
CoFreeUnusedLibraries
OleInitialize
CoUninitialize
CoTaskMemFree
CoTaskMemAlloc
CoCreateGuid
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter
CLSIDFromString
CoCreateInstance
OleUninitialize

oleaut32

SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
SysAllocString
VariantCopy
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysFreeString
OleCreateFontIndirect

oledlg

OleUIBusyW

ws2_32

inet_addr
htons
socket
gethostbyname
closesocket
WSAStartup
send
WSAGetLastError
recv
inet_ntoa
connect

oleacc

LresultFromObject
CreateStdAccessibleObject

wininet

HttpQueryInfoW
InternetCrackUrlW
InternetCanonicalizeUrlW
InternetOpenW
InternetCloseHandle
InternetOpenUrlW
InternetReadFile
InternetSetFilePointer
InternetWriteFile
InternetQueryDataAvailable
InternetQueryOptionW
InternetGetLastResponseInfoW
InternetSetStatusCallbackW

Sections

.text
Size: 368KB - Virtual size: 367KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 296KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

887ba0016b3be391b14c4d201e15278b

Code Sign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6aCertificate

Key Usages

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54Certificate

Extended Key Usages

Key Usages

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:edCertificate

Extended Key Usages

Key Usages

5f:da:67:ef:71:64:15:cd:f1:36:98:fbCertificate

Extended Key Usages

Key Usages

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate

Extended Key Usages

Key Usages

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12Certificate

Extended Key Usages

Key Usages

69:8e:99:c8:9e:b1:c0:cc:1d:b9:ef:12:2a:40:bd:db:f6:fc:51:9a:7c:72:19:30:1a:f6:d7:b3:34:a3:d8:dfSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

oledlg

ws2_32

oleacc

wininet

Sections

.text Size: 368KB - Virtual size: 367KB

.rdata Size: 109KB - Virtual size: 108KB

.data Size: 10KB - Virtual size: 21KB

.rsrc Size: 296KB - Virtual size: 296KB

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

5f:da:67:ef:71:64:15:cd:f1:36:98:fb
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

69:8e:99:c8:9e:b1:c0:cc:1d:b9:ef:12:2a:40:bd:db:f6:fc:51:9a:7c:72:19:30:1a:f6:d7:b3:34:a3:d8:df
Signer

.text
Size: 368KB - Virtual size: 367KB

.rdata
Size: 109KB - Virtual size: 108KB

.data
Size: 10KB - Virtual size: 21KB

.rsrc
Size: 296KB - Virtual size: 296KB